RDPY security tool is a Microsoft RDP Security tool developed in pure Python with RDP (MITM) proxy help. This permits a consumer to document classes and develop honeypot performance. It helps each Microsoft RDP (Distant Desktop Protocol) protocol consumer and server aspect. RDPY security tool helps customary RDP safety layer, RDP over SSL and NLA authentication (via ntlmv2 authentication protocol). This text will briefly go over on hacking distant desktop protocol utilizing rdpy security tool and totally different utilization of it. Learn the way you should learn about Kali linux here
References for RDPY security tool
RDPY security tool Options
RDPY supplies the next RDP and VNC binaries :
- RDP (MITM) proxy which document session
- RDP Honeypot
- RDP screenshoter
- RDP client
- VNC client
- VNC screenshoter
- RSS Participant
Included binaries and utilization
Dependencies are solely wanted for pyqt4 binaries :
rdpy security tool-rdpclient
rdpy-rdpclient is a straightforward RDP Qt4 user.
$ rdpy-rdpclient.py [-u username] [-p password] [-d domain] [-r rss_ouput_file] [...] XXX.XXX.XXX.XXX[:3389]
You can use rdpy-rdpclient in a Recorder Session Scenario, used in rdpy-rdphoneypot.
rdpy security tool-vncclient
rdpy-vncclient is a simple VNC Qt4 client .
$ rdpy-vncclient.py [-p password] XXX.XXX.XXX.XXX[:5900]
rdpy security tool-rdpscreenshot
rdpy-rdpscreenshot saves login screen in file.
$ rdpy-rdpscreenshot.py [-w width] [-l height] [-o output_file_path] XXX.XXX.XXX.XXX[:3389]
rdpy security tool-vncscreenshot
rdpy-vncscreenshot saves the first screen update in file.
$ rdpy-vncscreenshot.py [-p password] [-o output_file_path] XXX.XXX.XXX.XXX[:5900]
rdpy security tool-rdpmitm
rdpy-rdpmitm is a RDP proxy allows you to do a Man In The Middle attack on RDP protocol. Record Session Scenario into rss file which can be replayed by rdpy-rssplayer.
$ rdpy-rdpmitm.py -o output_dir [-l listen_port] [-k private_key_file_path] [-c certificate_file_path] [-r (for XP or server 2003 client)] target_host[:target_port]
Output directory is used to save the rss file with following format (YYYYMMDDHHMMSS_ip_index.rss) The private key file and the certificate file are classic cryptographic files for SSL connections. The RDP protocol can negotiate its own security layer If one of both parameters are omitted, the server use standard RDP as security layer. Also read knowledge base article to change hostname on every boot.
rdpy security tool-rdphoneypot
This is an RDP honey Pot and uses Recorded Session Scenario to replay scenario through RDP Protocol.
$ rdpy-rdphoneypot.py [-l listen_port] [-k private_key_file_path] [-c certificate_file_path] rss_file_path_1 ... rss_file_path_N
The private key file and the certificate file are classic cryptographic files for SSL connections. The RDP protocol can negotiate its own security layer. If one of both parameters are omitted, the server use standard RDP as security layer. You can specify more than one files to match more common screen size.
rdpy security tool-rssplayer
It is use to replay Record Session Scenario (rss) files generates by either rdpy-rdpmitm or rdpy-rdpclient binaries.
$ rdpy-rssplayer.py rss_file_path